Skip to content
This repository has been archived by the owner on Sep 26, 2023. It is now read-only.

Use random UID and GID when running on OpenShift #16

Use random UID and GID when running on OpenShift

Use random UID and GID when running on OpenShift #16

Workflow file for this run

name: Create Release
on:
push:
tags:
- 'v*' # tags matching v*, i.e. v0.0.1, v1.0.0-rc.0
jobs:
build:
name: Create Release
runs-on: ubuntu-latest
steps:
- name: Set Up Environment Variables
env:
REPO: quay.io/${{ secrets.QUAY_ACCOUNT_NAME }}
IMG: gatekeeper-operator
run: |
echo "REPO=${REPO}" >> ${GITHUB_ENV}
RELEASE_VERSION=${{ github.ref }}
# Removes the 'refs/tags/' portion of the string i.e. 'refs/tags/v0.0.1' to 'v0.0.1'
echo "RELEASE_VERSION=${RELEASE_VERSION##*/}" >> ${GITHUB_ENV}
RELEASE_IMG="${REPO}/${IMG}"
echo "RELEASE_IMG=${RELEASE_IMG}" >> ${GITHUB_ENV}
echo "RELEASE_BUNDLE_IMG=${RELEASE_IMG}-bundle" >> ${GITHUB_ENV}
echo "RELEASE_BUNDLE_INDEX_IMG=${RELEASE_IMG}-bundle-index" >> ${GITHUB_ENV}
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Fetch all history for all tags and branches
- name: Set Up Go to Install OPM
uses: actions/setup-go@v3
with:
go-version-file: go.mod
# FIXME: The version tags created in this repo for official releases are
# annotated tags. However, this step is necessary to enable matching
# lightweight (non-annotated) tags because the GitHub Actions checkout@v3
# action (run just prior) will overwrite the annotated tag with a
# non-annotated one here
# https://github.com/actions/checkout/blob/5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f/src/git-source-provider.ts#L136-L141
# as a result of the refspec created at
# https://github.com/actions/checkout/blob/5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f/src/ref-helper.ts#L94-L97.
# This issue is tracked at https://github.com/actions/checkout/issues/290.
# Once the issue is resolved, this step can be removed.
- name: Extract Non-Annotated Version Tag
run: |
GIT_VERSION=$(git describe --tags --match='v*' --always --dirty)
echo "GIT_VERSION=${GIT_VERSION}" >> ${GITHUB_ENV}
- name: Verify release manifest
run: |
# GitHub Actions obfuscates values of secrets e.g. REPO='quay.io/***',
# so pass an unset REPO variable to use the default within the
# Makefile.
unset REPO
make release
git diff --exit-code ./deploy/gatekeeper-operator.yaml
# Reset state of git tree modified by kustomize.
git reset --hard
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
with:
driver-opts: image=moby/buildkit:v0.8-beta
- uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Build and Push Operator Image
run: |
make docker-build
make docker-push IMG=${RELEASE_IMG}:${RELEASE_VERSION}
- name: Build and Push Bundle Image
run: |
make bundle-build
make docker-push IMG=${RELEASE_BUNDLE_IMG}:${RELEASE_VERSION}
- name: Build and Push Bundle Index Image
run: |
make bundle-index-build
make docker-push IMG=${RELEASE_BUNDLE_INDEX_IMG}:${RELEASE_VERSION}
- name: Create Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions.
with:
tag_name: ${{ github.ref }}
release_name: Gatekeeper Operator ${{ github.ref }}
body: |
To install the Gatekeeper Operator:
```
kubectl apply -f https://raw.githubusercontent.com/${{ github.repository }}/${{ env.RELEASE_VERSION }}/deploy/gatekeeper-operator.yaml
```
generateReleaseNotes: true
draft: true
prerelease: false